Diversified Systems is an award-winning Technology Services corporation providing IT project consulting services nationwide. They are seeking a Cyber Security Consultant to analyze security posture ratings for online driver training organizations and ensure compliance with security standards.
Responsibilities:
- Review the initial security assessment provided by online driver training companies at the time of application
- Department provides the security assessment questionnaire
- Validates the security assessment is accurately and thoroughly completed
- Review updated security assessments provided by online driver training companies for submission of changes to security controls
- Document and address concerns or clarifications needed for the security assessment review with the online driver education companies
- Compares responses against the assessment and industry standards
- Review online driver training company annual attestations of compliance
- Validates the annual attestation is accurately and thoroughly completed
- Communicates any deficiencies in the annual attestation to the online driver training company and facilitates accurate completion of the attestation of compliance
- Contact and work with BitSight to configure monitoring parameters and use BitSight functionality to direct findings and remediation recommendations to the online driver training company
- Discuss findings with the online driver training company
- Uses OneTrust as the Governance, Risk, and Compliance (GRC) tool to assess and communicate
- Does not assist the online driver training company in determining the corrective path of action
- Upon complaint for investigation, review updated monitoring results to confirm no falsification or other violation has occurred
- Run BitSight reports and provide the information the business needs for administrative action, and communicate with the DPS Driver Training Program Office on a consistent basis with status updates
- Monitor upcoming changes to the controls and communicate specifics to the Driver Training Program Office
- May need to provide testimony at administrative hearings; any testimony is based on established processes and expertise in security controls
Requirements:
- 3 years of experience with cybersecurity frameworks (NIST CSF, ISO 27001), third-party risk assessment, vendor management, and data privacy
- 3 years of vulnerability management experience
- 3 years utilizing BitSight security ratings to assess driving school security posture
- 3 years daily or weekly tracking of vendor security ratings in BitSight to detect drops in security performance
- 3 years generating automated reports and dashboards for the business highlighting provider risk exposure and security control effectiveness
- 3 years managing remediation plans within OneTrust GRC to closure